more setup

2020-05-18 00:01:27 -07:00 · 2020-05-18 00:01:27 -07:00 · 9fb91c83e7
parent f2f6e13af7
commit 9fb91c83e7
2 changed files with 19 additions and 8 deletions
--- a/app/dashboard/views/fido_setup.py
+++ b/app/dashboard/views/fido_setup.py
@ -29,7 +29,10 @@ def fido_setup():
        )
        return redirect(url_for("dashboard.index"))

-    fido_model = FIDO.filter_by(uuid=current_user.fido_uuid).all()
+    if current_user.fido_uuid is not None:
+        fido_model = FIDO.filter_by(uuid=current_user.fido_uuid).all()
+    else:
+        fido_model = []

    fido_token_form = FidoTokenForm()

@ -59,18 +62,25 @@ def fido_setup():
            LOG.error(f"An error occurred in WebAuthn registration process: {e}")
            flash("Key registration failed.", "warning")
            return redirect(url_for("dashboard.index"))
+        
+        if current_user.fido_uuid is None:
+            current_user.fido_uuid = fido_uuid

-        current_user.fido_pk = str(fido_credential.public_key, "utf-8")
-        current_user.fido_uuid = fido_uuid
-        current_user.fido_sign_count = fido_credential.sign_count
-        current_user.fido_credential_id = str(fido_credential.credential_id, "utf-8")
+        FIDO.create(
+            credential_id = str(fido_credential.credential_id, "utf-8"),
+            uuid = fido_uuid,
+            public_key = str(fido_credential.public_key, "utf-8"),
+            sign_count = fido_credential.sign_count,
+        )
        db.session.commit()

+        LOG.d(f"credential_id={str(fido_credential.credential_id, 'utf-8')} added for {fido_uuid}")
+
        flash("Security key has been activated", "success")
        return redirect(url_for("dashboard.recovery_code_route"))

    # Prepare information for key registration process
-    fido_uuid = str(uuid.uuid4())
+    fido_uuid = str(uuid.uuid4()) if current_user.fido_uuid is None else current_user.fido_uuid
    challenge = secrets.token_urlsafe(32)

    credential_create_options = webauthn.WebAuthnMakeCredentialOptions(
@ -90,6 +100,7 @@ def fido_setup():
    registration_dict = credential_create_options.registration_dict
    del registration_dict["extensions"]["webauthn.loc"]

+    # Prevent user from adding duplicated keys
    for record in fido_model:
        registration_dict["excludeCredentials"].append({
            'type': 'public-key',
--- a/server.py
+++ b/server.py
@ -147,13 +147,13 @@ def fake_data():
    )
    db.session.commit()

-    fido = FIDO.create(
+    FIDO.create(
        credential_id = "umR9q5vX61XG7vh7gi8wT0gJ9LkYwHKSzDL5vhtZs3o",
        uuid = "59576167-6c37-4d67-943b-4683b24ff821",
        public_key = "pQECAyYgASFYIEjQg3TOuUZJxylLE6gJDNHcNyYVW5hOAZ-vGOY9I_TDIlggfJqIh07bj3n6RVmrEsuozsYPYM6VeJKCeduz0DFp8AY",
        sign_count = 1,
    )
-    fido = FIDO.create(
+    FIDO.create(
        credential_id = "1mR9q5vX61XG7vh7gi8wT0gJ9LkYwHKSzDL5vhtZs3o",
        uuid = "59576167-6c37-4d67-943b-4683b24ff821",
        public_key = "1QECAyYgASFYIEjQg3TOuUZJxylLE6gJDNHcNyYVW5hOAZ-vGOY9I_TDIlggfJqIh07bj3n6RVmrEsuozsYPYM6VeJKCeduz0DFp8AY",